Training Catalog

Preparation Course to the Certified Information Security Manager® (CISM®) Certification




Digital transformation has continued to accelerate in recent years and the modern world relies on the digital space to get business done. But with the increase in cyberattacks, scams and security breaches, becoming a digitally trustworthy enterprise is important for organizations to enhance their reputations, relationships and brand loyalty with customers. Digital trust is a necessity in a global economy reliant on ever-increasing connectivity, data use and new innovative technologies.


This interactive course is an ideal way to prepare for the CISM® exam. 

The preparation course focuses exclusively on the essential areas covered in the CISM® certification exam. It covers the core sections and a series of sample exam questions that give participants a “feel” for the format and the types of questions encountered during the exam. The correct answers to each question are also reviewed for a better understanding of the expectations of the ISACA Certification Board.

Selected participants will receive the CISM® material in advance to study before taking part in the course. Please note that the CISM® exam requires long-term preparation and self-study.  


The ISACA CISM® Exam Preparation Training covers the following 4 job practice domains:

Domain 1 - Information Security Governance (17%)

Affirms the expertise to establish and/or maintain an information security governance framework (and supporting processes) to ensure that the information security strategy is aligned with organizational goals and objectives. Domain 1 confirms your ability to develop and oversee an information security governance framework to guide activities that support the information security strategy.

Domain 2 - Managing Information Risk Management (20%)

Proficiency in this key realm denotes advanced ability to manage information risk to an acceptable level, in accordance with organizational risk appetite, while facilitating the attainment of organizational goals and objectives. Domain 2 demonstrates expertise in classifying information assets to ensure measures taken to protect those assets are proportional to their business value.

Domain 3 - Information Security Program (33%)

Establishes ability to develop and maintain an information security program that identifies, manages and protects the organization’s assets while aligning with business goals. Domain 3 attests to the ability to ensure the information security program adds value while supporting operational objectives of other business functions (human resources, accounting, procurement, IT, etc.).

Domain 4 - Incident Management (30%)

Validates capacity to plan, establish and manage detection, investigation, response and recovery from information security incidents in order to minimize business impact. Domain 4 establishes your skills in accurately classifying and categorizing information security incidents and developing plans to ensure timely and effective response.

Target Audience

Information Security Managers, Chief Information Officers, Risk Managers from commercial banks, central banks and supervision authorities or other financial institutions:

  • willing to take the CISM® exam, for which they must have a minimum of 5 years of information security management work experience within the past 10 years in order to qualify for the CISM® certification.

Experience must be earned in three of the four CISM® Job Practice Domains to qualify:

  • Information Security Governance

  • Managing Information Risk Management

  • Information Security Program

  • Incident Management


Course Material

The training material will be handed out at the beginning of the course.


Following this training programme, candidates are requested to take the CISM® exam by the date set by the House of Training-ATTF.

The exam can be taken in a remote proctoring format or in person at a test centre (available in most of our partner countries).


For further questions, please contact our partner in your country.



It was a journey full of learnings and new knowledge, especially as I assume this new function as a CISO; almost everything I learnt I can put into practice in my daily job. It was a very pressured experience and a tough exam as well.

Agueda Sofia MONTEIRO TAVARES  -  Cape Verde